Security Advisories (1)
Mojolicious::Plugin::Web::Auth::OAuth2 versions through 0.17 for Perl have an insecure default state parameter. When no state generator is specified in the constructor, the module defaults to using a SHA-1 hash of predictable and low-entropy sources, including the epoch time (which is leaked via the HTTP Date header) and a call to Perl's built-in rand function. A predictable state allows an attacker to hijack another user's session through cross site request forgery (CSRF).
No POD found for 00_compile.t.
Time to read the source?
Module Install Instructions
To install Mojolicious::Plugin::Web::Auth, copy and paste the appropriate command in to your terminal.
cpanm Mojolicious::Plugin::Web::Auth
perl -MCPAN -e shell
install Mojolicious::Plugin::Web::Auth
For more information on module installation, please visit the detailed CPAN module installation guide.